1. Field
At least one feature relates to communication systems, and, more particularly, to a method for facilitating secure proxy mobile IP (PMIP) key generation and distribution within a wireless network.
2. Background
In the evolution of various wireless communication networks within 3GPP2, one type of network architecture is known as an ultra mobile broadband (UMB) network and is intended to improve the CDMA2000 mobile phone standard for next generation applications and requirements. UMB packet data networks are based upon Internet (TCP/IP) networking technologies running over a next generation radio system and are intended to be more efficient and capable of providing more services than the technologies they replace. UMB is intended to be a fourth-generation (4G) technology and uses a high bandwidth, low latency, underlying TCP/IP network with high level services such as voice built on top. The much greater amount of bandwidth (in comparison to previous generations), and much lower latencies, enable the use of various application types that have previously been impossible, while continuing to deliver high quality (or higher quality) voice services.
UMB networks have less centralized management of their network access nodes, known as evolved base stations (eBS). The access nodes may be coupled to a local or collocated session reference network controller (SRNC). Such access nodes and/or SRNC may perform many of the same functions as the base station (BS) and base station controller (BSC) in a conventional CDMA network. Consequently, due to the additional operations performed closer to the wireless interface by the access node (eBS) and SRNC in a UMB architecture, several problems occur in trying to maintain security of the access nodes and SRNC. One such problem is supporting and securing communications as an access terminal roams to different networks away from its home network.
Mobile IP (MIP) specifies a protocol for a mobile node (access terminal) to receive packets destined to its home IP address even when the mobile node (access terminal) is not present in its home network. It specifies registration request (RRQ) and response (RRP) messages between the mobile node (access terminal) and a Home Agent (HA). The HA then receives packets on behalf of the mobile node and tunnels the packets to the present location of the mobile node (access terminal). The RRQ and RRP messages are authenticated using a key shared by the mobile node (access terminal) and its home agent.
In some cases, such as where the mobile node (access terminal) connecting to the network does not have a Mobile IP stack but requires mobility services, the network may have to rely on a proxy (called the Proxy Mobile Node, PMN) to generate the registration requests and process the registration responses on behalf of the mobile node (access terminal). To ensure Mobile IP compatible behavior, the control packets from the PMN must be sent via the current subnet of the mobile node (access terminal). So the MIP control packets generated by the PMN are tunneled via an assistant function that resides in the current subnet of the mobile node (located, say, in a foreign agent or an access node). Thus the PMN (and the PMN-HA key) can reside in a single/secure location even as the mobile node (access terminal) moves or roams from one subnet to another.
Consequently, a way is needed to generate and distribute keys for PMIP tunnels within a network.
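The registration exchange described above can be sketched as follows. This is an added illustration, not code or a message format from this document: the 16-byte request layout, the identification counter used for replay rejection, the choice of HMAC-SHA-256, and all names and addresses are assumptions made for the example. It shows the PMN authenticating requests with the PMN-HA key while the assistant function in each subnet only relays bytes.

```python
import hashlib
import hmac
import os
import socket
import struct

BODY = struct.Struct("!4s4sQ")  # constructed layout: home addr, care-of addr, identification
TAG_LEN = hashlib.sha256().digest_size

def build_rrq(key, home, care_of, ident):
    """PMN side: build a registration request and authenticate it with the PMN-HA key."""
    body = BODY.pack(socket.inet_aton(home), socket.inet_aton(care_of), ident)
    return body + hmac.new(key, body, hashlib.sha256).digest()

def relay(packet):
    """Assistant function in the terminal's current subnet: forwards bytes, holds no key."""
    return packet

class HomeAgent:
    def __init__(self, key):
        self.key = key
        self.binding = {}     # home address -> care-of address the tunnel points at
        self.last_ident = {}  # home address -> highest identification accepted

    def handle_rrq(self, packet):
        """Return True (an accepting RRP) only for an authentic, fresh request."""
        if len(packet) != BODY.size + TAG_LEN:
            return False
        body, tag = packet[:BODY.size], packet[BODY.size:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False  # forged or modified in transit
        home, care_of, ident = BODY.unpack(body)
        if ident <= self.last_ident.get(home, -1):
            return False  # replay of an earlier registration
        self.last_ident[home] = ident
        self.binding[home] = care_of
        return True

def demo():
    key = os.urandom(32)  # stands in for the PMN-HA key; its distribution is not modeled
    ha = HomeAgent(key)
    first = build_rrq(key, "192.0.2.10", "198.51.100.1", 1)  # terminal in subnet A
    moved = build_rrq(key, "192.0.2.10", "203.0.113.1", 2)   # terminal roams to subnet B
    tampered = moved[:4] + socket.inet_aton("203.0.113.66") + moved[8:]
    results = [ha.handle_rrq(relay(p)) for p in (first, moved, first, tampered)]
    return results, socket.inet_ntoa(ha.binding[socket.inet_aton("192.0.2.10")])

if __name__ == "__main__":
    print(demo())
```

The home agent accepts both registrations from the PMN, rejects the replayed first request and the request whose care-of address was altered after signing, and the binding ends at the subnet B address.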